inclusion de l interface d admin

alainabbas · alainabbas · commit a7f80f8db8dc · 2024-02-04T16:23:48.000+01:00
diff --git a/Dockerfile b/Dockerfile
@@ -5,9 +5,19 @@ ARG EXT_BUILD_OPTIONS=""
 
 FROM $BASE_IMAGE as overlay
 ENV CAS_BRANCH_VERSION=6.6
+ENV MGNT_BRANCH_VERSION=6.6.x
 
 RUN apt-get update && \
-    apt-get install -y git
+    apt-get install -y git 
+
+# MANAGEMENT 
+
+RUN git clone --branch $MGNT_BRANCH_VERSION  https://github.com/apereo/cas-management.git /tmp/cas-management
+
+WORKDIR /tmp/cas-management
+
+RUN ./gradlew clean build $EXT_BUILD_COMMANDS --parallel --no-daemon $EXT_BUILD_OPTIONS
+
 
 RUN git clone --branch $CAS_BRANCH_VERSION --single-branch https://github.com/apereo/cas-overlay-template.git /tmp/cas-overlay
 
@@ -33,14 +43,13 @@ RUN ls /tmp/cas-overlay/build/app
 RUN mv /tmp/cas-overlay/build/app /tmp/tomcat/cas
 
 
-
 RUN apt-get clean && \
     rm -rf /var/lib/apt/lists/* /var/tmp/*
 
 FROM $PROD_IMAGE as cas
 
 RUN apt-get update && \
-    apt-get install -y gettext-base
+    apt-get install -y gettext-base unzip
 RUN apt-get clean && \
     rm -rf /var/lib/apt/lists/* /var/tmp/*
 RUN mkdir -p /data/logs
@@ -54,6 +63,12 @@ COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/js/material.js /
 COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/favicon.ico /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/images/
 COPY --from=overlay /tmp/cas-overlay/build/cas-resources/static/images/cas-logo.png /usr/local/tomcat/webapps/cas/WEB-INF/classes/static/themes/custom/images/mylogo.png
 
+# Install management 
+COPY --from=overlay /tmp/cas-management/webapp/cas-mgmt-webapp/build/libs/cas-mgmt-webapp-6.6.5-SNAPSHOT.war /usr/local/tomcat/webapps
+RUN mkdir /usr/local/tomcat/webapps/cas-management
+RUN unzip /usr/local/tomcat/webapps/cas-mgmt-webapp-6.6.5-SNAPSHOT.war -d /usr/local/tomcat/webapps/cas-management
+RUN rm -rf /usr/local/tomcat/webapps/cas-mgmt-webapp-6.6.5-SNAPSHOT.war
+
 # sauvegarde du theme
 RUN mkdir /data/theme 
 RUN mkdir /data/theme/css 
diff --git a/rootfs/data/etc/casclient-1.json b/rootfs/data/etc/casclient-1.json
@@ -0,0 +1,6 @@
+{
+   "@class" : "org.apereo.cas.services.CasRegisteredService",
+   "serviceId" : "^${CAS_HOSTNAME}/.*",
+   "name" : "casclient",
+   "id" : 1,
+}
diff --git a/rootfs/data/etc/management.properties b/rootfs/data/etc/management.properties
@@ -0,0 +1,67 @@
+mgmt.admin-roles[0]=ROLE_ADMIN
+#mgmt.user-roles[0]=ROLE_USER
+cas.server.name = ${CAS_HOSTNAME}
+cas.server.prefix=${cas.server.name}/cas
+cas.service-registry.json.location: file:/etc/cas/services
+logging.config: file:/etc/cas/config/log4j2.xml
+mgmt.server-name= ${CAS_HOSTNAME}
+mgmt.default-locale=fr
+
+# mgmt.authz-ip-regex=
+# mgmt.authz-attributes[0]=
+mgmt.user-properties-file=file:/etc/cas/config/admin-users.json
+
+# mgmt.version-control.enabled=false
+# mgmt.version-control.services-repo=/etc/cas/services-repo
+# mgmt.version-control.sync-script=
+
+# mgmt.delegated.enabled=false
+# mgmt.delegated.user-repos-dir=/etc/cas/user-repos
+
+# mgmt.enable-discovery-endpoint-call=true
+
+#mgmt.ldap.ldap-url = ${LDAP_HOSTNAME}
+#mgmt.ldap.bind-dn = ${LDAP_BIND_DN}
+#mgmt.ldap.bind-credential = ${LDAP_BIND_CREDENTIAL}
+# mgmt.ldap.use-ssl = true
+
+# mgmt.ldap.trust-certificates =
+# mgmt.ldap.keystore = 
+# mgmt.ldap.keystore-password =
+# mgmt.ldap.keystore-type = 
+
+# mgmt.ldap.min-pool-size = 3
+# mgmt.ldap.max-pool-size = 10
+# mgmt.ldap.pool-passivator = BIND
+# mgmt.ldap.validate-on-checkout = true
+# mgmt.ldap.validate-periodically = true 
+# mgmt.ldap.validate-timeout = PT5S
+# mgmt.ldap.validate-period = PT5M 
+
+# mgmt.ldap.fail-fast = true
+# mgmt.ldap.idle-time = PT10M
+# mgmt.ldap.prune-period = PT2H
+# mgmt.ldap.block-wait-time = PT3S
+# mgmt.ldap.connection-strategy =
+# mgmt.ldap.use-start-tls = 
+# mgmt.ldap.connect-timeout = PT5S
+# mgmt.ldap.response-timeout = PT5S
+# mgmt.ldap.provider-class = 
+# mgmt.ldap.allow-multiple-dns = false
+# mgmt.ldap.sasl-realm = 
+# mgmt.ldap.sasl-mechanism = 
+# mgmt.ldap.sasl-authorization-id = 
+# mgmt.ldap.sasl-security-strength = 
+# mgmt.ldap.sasl-mutual-auth = 
+# mgmt.ldap.sasl-quality-of-protection = 
+
+# mgmt.ldap.ldap-authz.role-attribute = uugid
+# mgmt.ldap.ldap-authz.role-prefix = ROLE_
+# mgmt.ldap.ldap-authz.allow-multiple-results =
+# mgmt.ldap.ldap-authz.group-attribute =
+# mgmt.ldap.ldap-authz.group-prefix =
+# mgmt.ldap.ldap-authz.group-filter =
+#mgmt.ldap.ldap-authz.group-base-dn = cn=admincas,cn=groups,dc=sogxmail,dc=com
+#mgmt.ldap.ldap-authz.base-dn =
+# mgmt.ldap.ldap-authz.search-filter =
+
diff --git a/rootfs/entrypoint.sh b/rootfs/entrypoint.sh
@@ -9,6 +9,15 @@ if [ ! -f /etc/cas/config/cas.properties ] ; then
         echo "create cas.properties"
         cat /data/etc/cas.properties|envsubst >/etc/cas/config/cas.properties
 fi
+if [ ! -f /etc/cas/config/management.properties ] ; then
+        echo "create management.properties"
+        cat /data/etc/management.properties|envsubst >/etc/cas/config/management.properties
+fi
+if [ ! -f /etc/cas/services/casclient-1.json ] ; then
+        echo "create casclient-1.json"
+        cat /data/etc/casclient-1.json|envsubst >/etc/cas/services/cas-client-1.json
+fi
+
 if [ ! -f /etc/cas/config/log4j2.xml ]; then
      cp /data/etc/log4j2.xml /etc/cas/config/log4j2.xml
 fi
diff --git a/rootfs/etc/cas/config/admin-users.json b/rootfs/etc/cas/config/admin-users.json
@@ -0,0 +1,8 @@
+{
+  "casuser" : {
+    "@class" : "org.apereo.cas.mgmt.authz.json.UserAuthorizationDefinition",
+    "roles" : [ "ROLE_ADMIN" ],
+    "permissions" : [ "CAN_DO_XYZ" ]
+  }
+}
+
